Chrome team has addressed this issue and introduced many features to ensure the security and privacy of the users. For examples, extensions using some critical APIs, like WebRequest API, are now reviewed before releasing publicly. Chrome has also imposed Content-Security-Policy on all extensions and apps. Moreover, installing add-ons from third-party sources has been blocked.

Another important security feature coming soon to the Google Chrome is the ability to monitor extensions’ activities. This feature is currently under testing, and not enabled by default yet. Users on the Dev channel of Chrome can turn-on it by enabling the flag “Enable extension activity UI” from the chrome://flags/ page. After enabling this flag and restarting the browser, users can see the activity log of extensions from the Extensions page (chrome://extensions) of the Chrome, as shown in the screenshots below:

This feature helps Chrome users to keep an eye on the extensions by monitoring their activities. Users can easily identify malicious activities and uninstall such extensions.

About the Author

Arpit Kumar is a web enthusiast watching browsers for long. He maintains several open-sourced browser-based tools including many popular extensions. Follow Arpit on Twitter, or email him at arpitnext@gmail.com.